SCRIPT 2026 TESTED QUESTIONS WITH
COMPLETE SOLUTIONS GRADED A+
⩥ Three main goals of secure software development. Answer: Quality
Security
Maintainability
⩥ What are the three threat intention categories? Answer: unintentional
Intentional but non-malicious
malicious
⩥ What are the primary issues in modeling? Answer: Doing it well
Doing it thoroughly enough
Knowing what to do with the results
⩥ 12 categories of BSIMM. Answer: Strategy and Metrics
Compliance and Policy
Training
Attack Models
Security Features and Design
Standards and Requirements
Architecture Analysis
Code Review
Security Testing
Penetration Testing
Software Environment
Configuration and Vulnerability Management
⩥ ISO 27001. Answer: Specifies a management system intended to
bring information security under formal management control.
⩥ ISO 27034. Answer: Guidance to help organizations embed security
within their processes that help secure applications running in the
environment.
⩥ SAFECode. Answer: Global industry-led effort to identify and
promote best practices for software, hardware and services.
⩥ DHS Software Assurance Program. Answer: Created the Build
Security In website (BSI) to push security in the SDLC
⩥ NVD. Answer: National Vulnerability Database
⩥ SAMATE. Answer: Dedicated to improving software assurance by
developing methods to enable software tool evaluations, measuring the
effectiveness of tools and techniques, and identifying gaps in tools and
methods.
⩥ What is an exposure? Answer: A mistake in software that allows
access to information or capabilities that can be used by a hacker as a
stepping-stone into a system or network.
⩥ Fuzzing. Answer: a technique of penetration testing that can include
providing unexpected values as input to an application to make it crash
⩥ Static Analysis. Answer: The analysis of computer software that is
performed without actually executing programs
⩥ Dynamic Analysis. Answer: Analysis of the code while it is executed.